Fernando, Your response was MOST helpful AND ENABLED a fairly large success! Yay!
This is the VirtualBox-7.0.27-168595-Linux_amd64.run version. As far as I can tell, a Fedora 42 install (anaconda) TURNS SECURE BOOT BACK ON. Alerte rohas alerte rohas... :-) There's still some problems with VB though. There a TON of messages coming out now: Qt WARNING: Falling back to using screens root_visual. Qt WARNING: qglx_findConfig: Failed to finding matching FBConfig for QSurfaceFormat(version 2.0, options QFlags<QSurfaceForma t::FormatOption>(), depthBufferSize -1, redBufferSize 1, greenBufferSize 1, blueBufferSize 1, alphaBufferSize -1, stencilBuff erSize -1, samples -1, swapBehavior QSurfaceFormat::SingleBuffer, swapInterval 1, colorSpace QSurfaceFormat::DefaultColorSpac e, profile QSurfaceFormat::NoProfile) Also, the VB version VirtualBox-7.1.97-168641-Linux_amd64.run has various pull down menus that show NO DATA. It's REALLY hard to use without data. It looks like white text on a white background but, who can tell. I'm not sure that VB is handling all the intracicies of EUFI but haven't nailed anything down yet. ------------------------------ Message: 2 Date: Sun, 4 May 2025 02:55:21 -0300 From: Fernando Cassia <fcas...@gmail.com> To: Community mailing list of VirtualBox users <vbox-users-community@lists.sourceforge.net> Subject: Re: [VBox-users] VB and EUFI problems Message-ID: <cacgw4h6o0jqjz5pr5q5g-zutzfyvaz71kp9elkulp3ctyxc...@mail.gmail.com> Content-Type: text/plain; charset="utf-8" El dom, 4 de may. de 2025 00:24, George R Goffe via VBox-users-community < vbox-users-community@lists.sourceforge.net> escribi?: ... secure boot is disabled but VB still wants to get kernel modules > signed. This seems to be a bug in VB. > > I'm at a loss as to what to do at this point. Can anyone help me please? > > Best regards, > > George... > HI George. I only run Windows here. But until some devs see this and responde, here is what Grok had to say: VirtualBox?s error message about needing to sign kernel modules (Kernel driver not installed (rc=-1908)) typically appears when the vboxdrv module fails to load. The mention of signing is often tied to Secure Boot, but in your case, with Secure Boot disabled, the issue likely stems from one of these causes: - VirtualBox Misdetecting Secure Boot: VirtualBox?s setup script ( /sbin/vboxconfig) checks the Secure Boot status using tools like mokutil --sb-state. If this check is buggy or misconfigured, VirtualBox might incorrectly assume Secure Boot is enabled and demand signed modules. This has been reported in older VirtualBox versions (e.g., 6.0.10) and could persist in some configurations. - Kernel Module Signature Enforcement: Even with Secure Boot disabled, the Fedora kernel might have CONFIG_MODULE_SIG_FORCE enabled, which requires all modules to be signed regardless of Secure Boot status. This is uncommon in stock Fedora kernels but could occur in custom or hardened configurations. You can check this by running: bash cat /proc/sys/kernel/modprobedmesg | grep "signature" If dmesg shows errors like Lockdown: unsigned module loading is restricted, it indicates signature enforcement. - VirtualBox Build Issue: The VirtualBox kernel modules may not be building or loading correctly due to missing dependencies or kernel mismatches. For example, VirtualBox requires kernel-devel and kernel-headers matching your running kernel (uname -r). If these are missing or mismatched, the module build fails, and VirtualBox may misleadingly report a signing issue. The log file /var/log/vbox-setup.log can provide clues. - Bug in VirtualBox: There have been documented issues with VirtualBox (e.g., versions 6.1.24/26) where the setup script incorrectly enforces module signing or rebuilds modules unnecessarily, leading to persistent errors. This could explain why you?re seeing the signing prompt despite Secure Boot being off. Steps to Resolve the Issue Since Secure Boot is disabled, you shouldn?t need to sign modules. Here?s a step-by-step approach to fix VirtualBox and get it running: Step 1: Verify Secure Boot is Disabled Confirm that Secure Boot is truly disabled to rule out firmware or detection issues: bash mokutil --sb-state Expected output: SecureBoot disabled. If it says enabled, your firmware settings may not have applied correctly. Reboot, enter the UEFI firmware (BIOS) setup, and ensure Secure Boot is off. Step 2: Check Kernel Module Signing Enforcement Verify if the kernel is enforcing module signatures: bash dmesg | grep "signature" cat /sys/module/module/parameters/sig_enforce If sig_enforce is Y, the kernel requires signed modules even without Secure Boot. This is rare in Fedora but can be bypassed by signing the modules (see Step 5) or rebuilding the kernel (advanced, not recommended Step 3: Ensure Prerequisites for VirtualBox Install the necessary packages to build VirtualBox kernel modules: bash sudo dnf install -y @development-tools qt5-qtx11extras binutils elfutils-libelf-devel gcc make perl dkms kernel-devel kernel-headers Ensure kernel-devel and kernel-headers match your running kernel: bash uname -r rpm -qa | grep kernel-devel If they don?t match, install the correct version: bash sudo dnf install kernel-devel-$(uname -r) Step 4: Rebuild VirtualBox Kernel Modules Run the VirtualBox setup script to rebuild the modules: bash sudo /sbin/vboxconfig Check the output for errors. If it fails, inspect the log: bash cat /var/log/vbox-setup.log Common issues include missing gcc, make, or kernel headers. Install any missing dependencies and retry. Step 5: Load Modules Manually (Test) Try loading the VirtualBox modules manually to diagnose the issue: bash sudo modprobe vboxdrv sudo modprobe vboxnetflt sudo modprobe vboxnetadp If this fails with an error like Operation not permitted or unsigned module, it confirms the kernel or VirtualBox is enforcing signatures. Check dmesg for details: bash dmesg | tail -n 50 Step 6: Workaround for Signing (if Needed) If the above steps don?t resolve the issue and VirtualBox insists on signed modules, you can sign the modules without enabling Secure Boot. This is a workaround to satisfy VirtualBox?s requirements: Create a Signing Key: bash sudo mkdir /root/signed-modules cd /root/signed-modules sudo openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER -out MOK.der -days 36500 -subj "/CN=VirtualBox/" -nodes sudo chmod 600 MOK.priv Import the Key (no reboot needed since Secure Boot is off): bash sudo mokutil --import MOK.der Set a temporary password when prompted (not used unless Secure Boot is enabled). Sign the Modules: bash for modfile in $(dirname $(modinfo -n vboxdrv))/*.ko; do echo "Signing $modfile" sudo /usr/src/kernels/$(uname -r)/scripts/sign-file sha256 /root/signed-modules/MOK.priv /root/signed-modules/MOK.der "$modfile" done Load the Signed Modules: bash sudo modprobe vboxdrv sudo /sbin/vboxconfig Verify VirtualBox: Start VirtualBox and try running a VM. If it works, the signing resolved the issue. -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ _______________________________________________ VBox-users-community mailing list VBox-users-community@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/vbox-users-community _______________________________________________ Unsubscribe: mailto:vbox-users-community-requ...@lists.sourceforge.net?subject=unsubscribe
